551e0cf4ba81ef9b42e9b82f2d072b23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

551e0cf4ba81ef9b42e9b82f2d072b23_JaffaCakes118
Size

392KB
MD5

551e0cf4ba81ef9b42e9b82f2d072b23
SHA1

fc7bb67346da59f81434c29e54bbe5cf4a024ad9
SHA256

0217e0904c57ec23dcfba5957f2b594de65fa53d4480d4a93840513be33bbbcc
SHA512

d44cd87d87f00aa47c736a6759f8fba3f422901b21932162cc87f4eea3adeec9699af46dd033361501069e6fb13efaab65041a4fc53e37030a8d2274d07d39a0
SSDEEP

12288:jjeXdeqJKl0cEO/dwmRKu4fQL9ZJNGu2qI7KtgHSsVBAoTPy:ieq4lzum0uUiThtHs9Ly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
551e0cf4ba81ef9b42e9b82f2d072b23_JaffaCakes118

Files

551e0cf4ba81ef9b42e9b82f2d072b23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

570ce47ad50c7e829b8426b14fbf25c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualQuery
SetTimeZoneInformation
FileTimeToDosDateTime
RtlUnwind
GetCurrentDirectoryA
QueryPerformanceCounter
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetCurrentThreadId
SetFileTime
HeapReAlloc
HeapAlloc
VirtualFree
InterlockedIncrement
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
GetPrivateProfileStringA
CreateMailslotA
GetShortPathNameA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetFileType

advapi32

ReportEventA
RegReplaceKeyW
RegOpenKeyA
RegQueryInfoKeyW
CryptGetHashParam
RegRestoreKeyW
CryptSignHashW
CryptGenKey
RegCreateKeyA

user32

MsgWaitForMultipleObjects
GetWindowTextLengthA
GetScrollPos
GetClipboardSequenceNumber
ChangeDisplaySettingsW
GetUpdateRgn
MapVirtualKeyExA
SetSysColors
TileChildWindows
EndDialog
SetWindowsHookExW
GetTitleBarInfo
SendIMEMessageExA
DlgDirListW

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ